<?php
include 'ini.php';

$con = connectToDB();
// TO DO: check if username is taken already
// TO DO: check if email is taken already

$emailOrUsername = $con->real_escape_string($_POST['email']);
$password = $con->real_escape_string($_POST['password']); 

$result = filter_var( $emailOrUsername, FILTER_VALIDATE_EMAIL );


if ( !$result )
{
    $userId = logUserIn($emailOrUsername, $password, "username" );
}
else
{
   $userId  = logUserIn($emailOrUsername, $password, "email" );
}

if ($userId > -1)
{
    setSessionUserID($userId);
    header("Location: index.php");
}
else     
{
    header("Location: signin.php?err=1");
}